Is PPTP a secure VPN-protocol?


3 questions = 3 answers....

1) Is PPTP a secure VPN-protocol? - The short answer is no. PPTP has been the subject of many security analyses and serious security vulnerabilities have been found in the protocol. The known vulnerabilities relate to the underlying PPP authentication protocols used, the design of the MPPE protocol as well as the integration between MPPE and PPP authentication for session key establishment. More info on PPTP here

2) Can you get VPN-like functionality using SSH? - The short answer is yes: Use OpenVPN community edition. OpenVPN's community documentation is here, and it uses SSL. You should take your time to make sure that you understand how the server is set up (detailed config here) and likewise what you are doing to your client-machines (detailed config here).

3) Finally, are passwords insecure? It depends on their length, but the long answer is written below. What I think is more important is whether the password was sent in clear text, which in some implementations is - literally speaking - a disaster. There is an elaborate explanation on this blog, but to my knowledge attack frequency can be no higher than ping time, as a frequency of packets higher than this simply gets dropped by the Ethernet card without any processing. So when I "ping" myself I get the limit:

Me@MyPC:~$ ping localhost
PING localhost.localdomain (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost.localdomain (127.0.0.1): icmp_req=1 ttl=64 time=0.149 ms
64 bytes from localhost.localdomain (127.0.0.1): icmp_req=2 ttl=64 time=0.110 ms
64 bytes from localhost.localdomain (127.0.0.1): icmp_req=3 ttl=64 time=0.113 ms
64 bytes from localhost.localdomain (127.0.0.1): icmp_req=4 ttl=64 time=0.142 ms
^C
--- localhost.localdomain ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2997ms
rtt min/avg/max/mdev = 0.110/0.128/0.149/0.020 ms

With 0.128 ms as average, equal to 0.000128 s per response, the number of attacks possible per second is:

1 second / 0.000128 second per ping is 7812.5 trials per second.

Dictionary words

If you use a word from a dictionary, your password can at most take the form of one of the 200,000 words in all the dictionaries in the world. This means that trying 200,000 words will take:

200,000 / 7812.5 = 25.6 seconds.

If you use two consecutive words, then the combinations possible are 200,000 ^ 2 whereby it can be cracked with guarantee within:

200,000^2 / 7812.5 = 40000000000 / 7812.5 = 5120000 seconds.

This equals: 59.259 hours of continuous attack, where I'm sure your router looked busy.

For three-, four- and five-word passwords respectively, that increases as follows, assuming 31536000 seconds per year:

200,000^1 / 7812.5 = 25.6 seconds

200,000^2 / 7812.5 = 5120000 seconds

200,000^3 / 7812.5 = 1.024 * 10^12 seconds = 32,470 years

200,000^4 / 7812.5 = 2.048 * 10^17 seconds = 6,494,165,398 years

200,000^5 / 7812.5 = 4.096 * 10^22 seconds = 1,298,833,079,654,997.5 years

Hereby it should be noted that the age of the universe is assessed at 13.75 billion years = 4.336 * 10^17 seconds, so the technical answer to attempts at hacking a three-word password by brute force is "not feasible" :-)
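As an added example (not part of the original answer), the Python below redoes the answer's arithmetic starting from the quoted ping summary line: it derives the guess rate from the average RTT and tabulates entropy and worst-case exhaustion time for one to five dictionary words. The function names are illustrative; the 200,000-word dictionary, the one-guess-per-RTT rate and 31,536,000 seconds per year are the answer's own assumptions.

```python
import math
import re

# Constructed sample: the summary line from the ping output quoted in the answer.
PING_SUMMARY = "rtt min/avg/max/mdev = 0.110/0.128/0.149/0.020 ms"

SECONDS_PER_YEAR = 31_536_000  # the answer's assumption (365-day year)
DICTIONARY_SIZE = 200_000      # the answer's assumed number of dictionary words


def guesses_per_second(ping_summary: str) -> float:
    """Upper bound on online guesses/s if each guess costs one average RTT."""
    m = re.search(r"=\s*[\d.]+/([\d.]+)/[\d.]+/[\d.]+\s*ms", ping_summary)
    if not m:
        raise ValueError("no rtt summary line found")
    return 1000.0 / float(m.group(1))  # avg RTT is reported in milliseconds


def exhaust_seconds(words: int, rate: float, dictionary: int = DICTIONARY_SIZE) -> float:
    """Worst-case time to try every passphrase made of `words` dictionary words."""
    return dictionary ** words / rate


def entropy_bits(words: int, dictionary: int = DICTIONARY_SIZE) -> float:
    """Entropy of a passphrase of `words` words picked uniformly at random."""
    return words * math.log2(dictionary)


def humanize(seconds: float) -> str:
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", SECONDS_PER_YEAR), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.2f} {unit}"
    return f"{seconds:.1f} seconds"


def table(rate: float, max_words: int = 5):
    """Rows of (word count, entropy in bits, worst-case seconds)."""
    return [(k, entropy_bits(k), exhaust_seconds(k, rate))
            for k in range(1, max_words + 1)]


if __name__ == "__main__":
    rate = guesses_per_second(PING_SUMMARY)
    print(f"{rate:.1f} guesses/s (one guess per average RTT)")
    for k, bits, secs in table(rate):
        # A uniformly random passphrase is found, on average, at half the worst case.
        print(f"{k} word(s): {bits:5.1f} bits, worst case {humanize(secs)}, "
              f"average {humanize(secs / 2)}")
```

The word-count model only holds when the words are chosen uniformly at random, and the loopback RTT is a best case for the guesser; real server-side rate limiting or lockout lowers the rate further.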


Author: Niklas

Updated on September 18, 2022

Comments

  • Niklas over 1 year

    I will be setting up a VPN on my home server and in tutorials I've read it says that the protocol can only be used with passwords, not key-files. To me this doesn't seem very secure so I was wondering if it's possible to tunnel PPTP over SSH or something like that. Basically, how do you create a secure PPTP connection? Can you get VPN-like functionality just through SSH and use it instead of PPTP?